Microsoft Defender for Cloud vs Palo Alto Cortex

August 05, 2023 | Author: Michael Stromann
Microsoft Defender for Cloud
Protect multicloud and hybrid environments with comprehensive security across the full lifecycle, from development to runtime, with Microsoft Defender for Cloud.
Palo Alto Cortex
Cortex brings together best-in-class threat detection, prevention, attack surface management and security automation capabilities into one integrated platform.
Microsoft Defender for Cloud (formerly known as Microsoft Defender for Cloud Apps, previously known as Microsoft Cloud App Security) and Palo Alto Cortex (also known as Cortex XDR) are two powerful cybersecurity solutions with different but complementary focuses. Microsoft Defender for Cloud is a cloud-native security platform that provides comprehensive protection for cloud applications and services, offering features like data loss prevention, threat protection, and identity and access management. It helps organizations secure their cloud environments, detect and respond to cloud-native threats, and comply with regulatory requirements. On the other hand, Palo Alto Cortex XDR is an extended detection and response platform that combines network, endpoint, and cloud data to deliver advanced threat detection, investigation, and response capabilities. It enables organizations to gain a unified view of their security landscape and take proactive measures against cyber threats. While Microsoft Defender for Cloud primarily focuses on securing cloud environments and applications, Cortex XDR offers a broader scope by integrating multiple data sources for comprehensive cyber threat detection and response.

Microsoft Defender for Cloud vs Palo Alto Cortex in our news:

2023. Microsoft 365 Defender is becoming Microsoft Defender XDR



Microsoft has integrated cloud workload alerts, signals, and asset information from Microsoft Defender for Cloud into Microsoft 365 Defender, its cloud-based service designed to help protect on-premises, cloud and hybrid environments. This integration now removes any infrastructure blind spots in an organization’s digital landscape. As part of this integration, the company is rolling out new correlations and content tailored to cross-workload correlations and cloud-specific content, giving you a richer, more contextual understanding of the threats your organization faces. In the Defender portal, SOC analysts can now run end-to-end investigations if they’re faced with this type of cyberattack. They can monitor, triage, and investigate multicloud alerts across Azure, AWS, and GCP. This end-to-end prioritization of information and alerts streamlines the investigation process and greatly improves SOC efficiency. With the incorporation of cloud signals, the company has renamed Microsoft 365 Defender to Microsoft Defender XDR to better represent its capabilities that broadly span multiplatform and multicloud assets.


2021. Microsoft is buying cybersecurity startup RiskIQ



Microsoft has announced its acquisition of RiskIQ, a cybersecurity company based in San Francisco, for a reported $500 million. RiskIQ specializes in providing organizations with threat intelligence and cloud-based software-as-a-service solutions. The company extensively analyzes the web, gathering information about websites, networks, domain name records, certificates, and WHOIS registration data. By offering customers visibility into assets, devices, and services beyond their firewall, RiskIQ enables organizations to secure their assets and reduce their vulnerability to malicious actors. Notably, RiskIQ's data played a significant role in the discovery and understanding of Magecart, a collective term for groups that inject credit card-stealing malware into vulnerable websites.


2020. Palo Alto Networks to acquire AI cybersecurity firm Expanse for $800M



Palo Alto Networks has completed the acquisition of Expanse for a total of $800 million. Expanse offers a valuable service that assists companies in comprehending and safeguarding their attack surface, identifying potential vulnerabilities to attacks. By providing the security team with insights into how the company's security profile might appear to an attacker attempting unauthorized access, Expanse enhances overall defense. The strategic integration plan involves incorporating Expanse into Palo Alto's Cortex Suite, a collection of AI-driven tools specifically designed for automated attack detection and prevention. Leveraging Expanse's extensive data resources, Palo Alto aims to further enhance its AI models, ultimately strengthening its overall security capabilities.

Author: Michael Stromann
Michael is an expert in IT Service Management, IT Security and software development. With his extensive experience as a software developer and active involvement in multiple ERP implementation projects, Michael brings a wealth of practical knowledge to his writings. Having previously worked at SAP, he has honed his expertise and gained a deep understanding of software development and implementation processes. Currently, as a freelance developer, Michael continues to contribute to the IT community by sharing his insights through guest articles published on several IT portals. You can contact Michael by email at stromann@liventerprise.com.